Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Autogenerate IAM resources for IAP Tunnel Instance #2988

Merged
merged 3 commits into from
Jan 17, 2020
Merged

Autogenerate IAM resources for IAP Tunnel Instance #2988

merged 3 commits into from
Jan 17, 2020

Conversation

emilymye
Copy link
Contributor

@emilymye emilymye commented Jan 17, 2020
edited
Loading 

projects/{{project_number}}/iap_tunnel/zones/{{zones}}/instances/{{instance}}

to

projects/{{project_id}}/iap_tunnel/zones/{{zones}}/instances/{{instance}}

While IAP in documentation says they only allow for project number, they actually support projectId. This change keeps TunnelInstance in line with both other IAP IAM resources and the rest of Terraform (by using project ID) and avoids two extra calls (and the necessary permissions) to fetch the project from the Cloud Resource Manager API and get the project number for an ID.

Release Note Template for Downstream PRs (will be copied)

iap: Added `google_iap_tunnel_instance_iam_*` IAM resources for IAP Tunnel Instances

iap: Supported IAM conditions in `google_iap_tunnel_instance_iam_*` IAM resources

iap: Changed resource ID for `google_iap_tunnel_instance_iam_*` IAM resources from `projects/{{project_number}}/iap_tunnel/zones/{{zones}}/instances/{{instance}}` to 
`projects/{{project}}/iap_tunnel/zones/{{zones}}/instances/{{instance}}` to maintain similar formats to other resources and avoid making  unnecessary additional requests to GCP to get project number.

@modular-magician
Copy link
Collaborator

Hi! I'm the modular magician, I work on Magic Modules.
I see that this PR has already had some downstream PRs generated. Any open downstreams are already updated to your most recent commit, 4670689.

Pull request statuses

No diff detected in terraform-google-conversion.
No diff detected in Ansible.
No diff detected in Inspec.

New Pull Requests

I built this PR into one or more new PRs on other repositories, and when those are closed, this PR will also be merged and closed.
depends: hashicorp/terraform-provider-google-beta#1654
depends: hashicorp/terraform-provider-google#5429

@modular-magician
Copy link
Collaborator

Hi! I'm the modular magician, I work on Magic Modules.
I see that this PR has already had some downstream PRs generated. Any open downstreams are already updated to your most recent commit, 82b93f4.

Pull request statuses

terraform-provider-google-beta already has an open PR.
No diff detected in terraform-google-conversion.
terraform-provider-google already has an open PR.
No diff detected in Ansible.
No diff detected in Inspec.

New Pull Requests

I didn't open any new pull requests because of this PR.

emilymye
emilymye commented Jan 17, 2020
View reviewed changes
products/iap/terraform.yaml
iam_conditions_request_type: :REQUEST_BODY
id_format: "projects/{{project}}/iap_tunnel/zones/{{zone}}/instances/{{name}}"
import_format: [
"projects/{{project}}/iap_tunnel/zones/{{zone}}/instances/{{name}}",
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Currently the handwritten has "projects/{{project}}/iap_tunnel/zones/{{zone}}/instances/{{instance}}" for id and "projects/{{project}}/zones/{{zone}}/instances/{{instance}}" for import format, so we're keeping ID format and supporting both import formats

@emilymye emilymye requested a review from slevenick January 17, 2020 00:49
slevenick
slevenick approved these changes Jan 17, 2020
View reviewed changes
Copy link
Contributor

@slevenick slevenick left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me! There is something strange going on with the downstreams though, they have conflicts

@modular-magician
Copy link
Collaborator

Hi! I'm the modular magician, I work on Magic Modules.
I see that this PR has already had some downstream PRs generated. Any open downstreams are already updated to your most recent commit, efe676e.

Pull request statuses

terraform-provider-google-beta already has an open PR.
No diff detected in terraform-google-conversion.
terraform-provider-google already has an open PR.
No diff detected in Ansible.
No diff detected in Inspec.

New Pull Requests

I didn't open any new pull requests because of this PR.

@modular-magician
Copy link
Collaborator

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff
Terraform Beta: Diff

@modular-magician
Copy link
Collaborator

Hi! I'm the modular magician, I work on Magic Modules.
I see that this PR has already had some downstream PRs generated. Any open downstreams are already updated to your most recent commit, dda2b60.

Pull request statuses

terraform-provider-google-beta already has an open PR.
No diff detected in terraform-google-conversion.
terraform-provider-google already has an open PR.
No diff detected in Ansible.
No diff detected in Inspec.

New Pull Requests

I didn't open any new pull requests because of this PR.

@modular-magician
Copy link
Collaborator

Hi! I'm the modular magician, I work on Magic Modules.
I see that this PR has already had some downstream PRs generated. Any open downstreams are already updated to your most recent commit, 7bab680.

Pull request statuses

terraform-provider-google-beta already has an open PR.
No diff detected in terraform-google-conversion.
terraform-provider-google already has an open PR.
No diff detected in Ansible.
No diff detected in Inspec.

New Pull Requests

I didn't open any new pull requests because of this PR.

@modular-magician
Copy link
Collaborator

Hi! I'm the modular magician, I work on Magic Modules.
I see that this PR has already had some downstream PRs generated. Any open downstreams are already updated to your most recent commit, 5aa4845.

Pull request statuses

terraform-provider-google-beta already has an open PR.
No diff detected in terraform-google-conversion.
terraform-provider-google already has an open PR.
No diff detected in Ansible.
No diff detected in Inspec.

New Pull Requests

I didn't open any new pull requests because of this PR.

emilymye and others added 3 commits January 17, 2020 20:31
@emilymye @modular-magician
autogen iam_iap
122dfdc
@emilymye @modular-magician
fix website
a68e8e1
@modular-magician
Update tracked submodules -> HEAD on Fri Jan 17 20:31:27 UTC 2020
0da33ab 
Tracked submodules are build/terraform-beta build/terraform-mapper build/terraform build/ansible build/inspec.
@modular-magician modular-magician merged commit 329adee into GoogleCloudPlatform:master Jan 17, 2020
nathkn pushed a commit to nathkn/magic-modules that referenced this pull request May 18, 2020
@emilymye
Autogenerate IAM resources for IAP Tunnel Instance (GoogleCloudPlatfo…
2e9e376 
…rm#2988)

Merged PR GoogleCloudPlatform#2988.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@slevenick slevenick slevenick approved these changes

Assignees
No one assigned
Labels
automerged cla: yes downstream-generated terraform-provider-google terraform-provider-google-beta
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

support google_iap_tunnel_instance_iam in GA provider IAM Conditions support for iap_tunnel_instance_iam
4 participants
@emilymye @modular-magician @slevenick @googlebot